cognitive cybersecurity intelligence

News and Analysis

How Lumma Stealer sneaks into organizations

The sophisticated info-stealer known as Lumma, marketed as Malware-as-a-Service (MaaS) since 2022, has gained traction in the cybercriminal underworld. Lumma’s infection methods are diverse and include phishing emails, trojanized applications, social engineering, and exploited websites. Recently, Lumma has been observed using fake CAPTCHA pages, whereby users are tricked into executing a malicious command, initiating the malware installation process. Lumma continues to grow its presence on dark web marketplaces and Telegram channels.

Source: securelist.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Booking.com Phishing Scam Uses Fake CAPTCHA to Install AsyncRAT

Booking.com Phishing Scam Uses Fake CAPTCHA to Install AsyncRAT

Hotel staff are being targeted by a phishing campaign that uses fake Booking.com emails to spread AsyncRAT malware. The convincing emails trick victims into following

FOI reveals ransom demand in northern school board cyber incident – SooToday.com

FOI reveals ransom demand in northern school board cyber incident – SooToday.com

A Freedom of Information request uncovered a ransom demand in a cyber incident at a northern school board. The specifics of the ransom demand were

Devices exposed to remote hacking via Erlang/OTP SSH vulnerability

Devices exposed to remote hacking via Erlang/OTP SSH vulnerability

The Erlang/Open Telecom Platform (OTP) SSH implementation contains a critical security vulnerability, potentially exposing systems to security risks.

Hackers Go Global Using Russian-Based Proton66 to Spread Malware

Hackers Go Global Using Russian-Based Proton66 to Spread Malware

Cybersecurity researchers from Trustwave SpiderLabs link a sharp increase in cyberattacks to Russian hosting service Proton66. The IP ranges associated with Proton66 have been used